Tagged Questions

The operating system is the software component that provides abstraction of physical hardware, and provides a generalized model for application software to execute without the need for specific hardware knowledge. Questions on the topic of operating system security should use this tag; you may also ...

I just realized that, in any language, when you save a password in a variable, it is stored as plain text in the memory.
I think the OS does its job and forbids processes from accessing each other's ...

I need to convince my internal IT department to give my new team of developers admin rights to our own PCs. They seem to think this will create some security risk to the network. Can anyone explain ...

I'm looking for hints about secure linux desktops. Securing servers is no problem. Most recent Software Updates, run only the services required etc. But what about desktops? I'm thinking about details ...

Following on from this question Does anyone have any details/resources on the technical specifics of how apple implement encryption on their iOS 4.x series devices?
The Apple marketing material here, ...

I have an encrypted HDD (dm_crypt). That's why I store my passwords in a simple text file. I usually copy/paste the passwords from it. Ok!
Q: If I open this text file then it goes into the memory. So ...

Why does military and government not use special operating systems? I mean, if they do not use generic operating system based on Windows, Linux and Mac and create their own operating system, they will ...

Is it possible to have Ubuntu users log in with multi-factor authentication? I was thinking of a combination of pass(word|code) and smartcard (with screen locks when for example smart-card is removed)
...

I've seen people demonstrating the use of backtrack to attack VMs. In one of the components of backtrack, it shows the operating system of the targets. Since support for Windows XP is ending soon, i ...

Are there any applications, JIT frameworks or operating systems that focus on encrypted virtual memory, or perhaps virtual machines that do something similar? I know there are processors (albeit old, ...

Yesterday morning I had an OS class and we just started the part about OS security.
When the professor was explaining what is a patch manager, he told us that a computer company he knows which deals ...

Recently there is a bit of concern over encryption back doors in IPsec and while the status of this has not been confirmed, I don't know what impact something like this might have.
For instance, does ...

Is it possible to prevent regular users from accessing the C drive via Windows Explorer? they should be allowed to execute certain programs. This is to ensure that employees cannot steal or copy out ...

I am interested in potential/actual attacks against kiosk software.
I am not talking about physical access, or specifically designed kiosk operating systems or shells, bur rather software that runs ...

I'm sitting at a cafe, using their public Wi-Fi. I don't go on sensitive sites; I basically go to a music site and listen to a live stream, for which there's no login. I don't check my email or visit ...

Our environment consists of about 80 users running Windows 7. Previous to me showing up as a full time IT employee, the company had contracted an outsource IT solution. As part of their set up, they ...

As a summer project, I'm looking to prevent any piece of proprietary software like many games I run from have access to my personal files. After looking a lot at sandboxing, I've decided that anything ...

Since Firewire lacks security, allowing a plugged-in device to access host memory, it's a good thing to fully disable it. If we're not using the BIOS to disable the Firewire port then how could we do ...

Does Windows XP or Windows 7 encrypt saved passwords?
I'm assuming that the user uses local password to logon.
The user then uses his own computer to connect to server in work and sets the "remember ...

Is there a file system providing a directory where everybody can write, but only the directory owner can read the files? In theory it could be done by encrypting using the public key while writing, ...

As far as I know, the autorun.inf problem (the possibility of automatically executing code when a USB stick is plugged in) was solved through Windows Updates for XP, and on 7 it is no longer possible ...

It there a reliable method of “monitoring” system calls under Linux?
There is strace for example to monitor system calls and signals. Is there a way for a process to dodge out of strace? If yes, is ...

For example, the Biba model is now hanging out in current versions of Windows. Things downloaded from the Internet are tagged as such. Internet (low) stuff can't alter user (medium) stuff which isn't ...